Employee Break the Glass
Proposal from MRC to CTG
Seth Bokser
Deborah Yano-Fong
Susan Penny
MRC Proposal to CTG
• As part of the Apex Access Auditing Project—
including software implementation, operations
planning, and policy enforcement/changes
– Implement Privacy Warnings by default for all UCSF
Employees, after Cynergistek/Iatric Auditing and
Monitoring program is implemented
• In the absence of the larger auditing/monitoring
project, employee Privacy Warnings will create
the risk of setting false expectations amongst
UCSF employees and will not achieve the desired
outcome.
MRC Proposal to CTG
• Verbiage “Privacy Warning”
• Employees and patients will continue to be able
to request being “confidential patients,” which
will give them the same “privacy warning” in
their Apex record.
MRC Proposal to CTG Next Steps
• Support the implementation of planned Cynergistek/Iatric
Auditing/Monitoring integration in the larger Apex Access
monitoring project
Long Term Optimization:
• As part of implementation will determine exactly “who” gets the
Privacy Warning by default
•
•
•
•
Employees (faculty and staff)
Students?
Spouses/Partners of Employees?
Children of Employees?
• Recommend a phased in approach to not overload the system
and resources